Security Policy
Control
The Security Policy Control action
enables or disables a policy defined within the current
node.
You must have previously defined policies in order to
use this action.
Suppose your organization has enabled a set of policies
that control the way resources are used. For example, there
might be a policy named FloorDevices101 that
allows certain users read access to all device variables on
the node. Using the Workbench, you can create security
policies from the Administration's
Security tab.
Once the policy is created, you can assign a user access
to that policy.
The AAATech role has access to resources for
FloorDevices101.
Parameter description
Parameter | Description |
---|---|
Operation | Options are Enable Policy or
Disable Policy.
|
Policy Name | Use the Policy
down-arrow to display a list of
policies available for the current
node. For this example, FloorDevices101 and FloorDevices102 were defined on the Administration's Security tab and became available for the Security Policy Control action. Because the Enable Policy is selected, upon execution of the trigger, enforcement of one of the selected policy will be enabled when the security action is performed. |
Example trigger - Security Policy Control
This example describes a trigger that will enable the
read/write access between two devices. For this example,
two policies have been defined that control different
devices on the floor. These policies are named
FloorDevices101 and FloorDevices102.
The trigger is configured to execute whenever the value
of a device variable defined on a third device changes. The
value of this variable will determine which of the two
policies will be enabled and which is disabled. For the
example, an If action is added to the
trigger that will branch to enable the policies of either
the FloorDevices101 policy or the
FloorDevices102 policy. The following
shows the Routing tab for the
If action.
In addition to enabling one policy or another policy,
the trigger will also disable the other policy. The
following shows the Routing tab associated
with Action 2: Security Policy Control: Enable Policy
FloorDevices101.
Notice that if the enablement of the FloorDevices101
policy is successful, the next action performed will
disable the FloorDevices102 policy. The following shows the
full list of actions associated with this example
trigger.